On Tue, Sep 01, 2020 at 11:02:18PM +1000, elvis wrote: > > On 1/9/20 6:29 pm, to...@tuxteam.de wrote: > >On Mon, Aug 31, 2020 at 04:57:28PM -0400, Gary Dale wrote: > > > >[...] > > > >>Just to be clear, the folder I had to change permissions on is the > >><folder containing all the web sites. This is many levels above the > >>document root, > >To be able to access a file given its path, you need to have read > >access to each directory [1] along that path. There isn't another > >way, and this is a Good Thing [TM] > > I don't know if this is a silly question or not, but can you access > a file not given its path?
Yes, you can :-) See openat(2). In a nutshell, someone else resolves the path up to the (more or less [1]) last directory, gives you an open file descriptor for that and you pick up from there. Of course, the program has to be written with that in mind. > I have the same problem as the OP sometimes and wonder what rules > there are for allowing access to directories further along the path. That depends on context, program, etc. But if you give the program an absolute path, every directory from the root down to the file has to be readable for your program. Usually this is what you want: you can close off a whole subtree of your file system -- imagine Gandalf standing there and yelling "Thou Shalt Not Pass!" or something. Cheers [1] Well, more or less. Not necessarily the last -- any midpoint along the path is fair game. - t
signature.asc
Description: Digital signature
